<%@page import="Tool.tool"%>
<%@page import="java.text.DateFormat"%>
<%@page import="java.text.DateFormat"%>
<%@ page import="java.sql.*"%>
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<%
tool Tool = new tool();
String username = request.getParameter("username");
String userpwd =  request.getParameter("userpwd");
/*
Map<String, String[]> params = request.getParameterMap();
System.out.println(params.size());
for (String key : params.keySet()) {
	System.out.println(params.get(key)[0]);
}
*/
if(username.indexOf("'")>=1||userpwd.indexOf("'")>=1){
	out.println("非法注入！");
	return;
}
if(username.equals("")||userpwd.equals("")){
	out.println("用户名或密码不能为空!");
	return;
}
 	//查询blackjuly这张表里面的name有没有用户要注册的，有的话就跳转到Error/Haveuser.html页面
 	ResultSet rs1 = Tool.Sql().executeQuery("select * from blackjuly where name='" + username +"'");
  	if(rs1.next()){
		out.println("此用户已存在了！");
		response.setHeader("refresh", "3;URL=Add.html");
		return;
 	}
  	//这里是排序，用code这个记录排序
 	rs1 = Tool.Sql().executeQuery("select * from blackjuly order by code");
 	// 先判断是否有记录，如果没有记录，初始化为S001
 	int max = 1;
 	while(rs1.next()) {
 		int num = Integer.valueOf(rs1.getString("code").substring(1));
		if (num <= max) {
			max++;
		}
 	}
	String code = String.format("S%03d", max);
	out.println("你的code:");
 	out.println(code);
	int rs = Tool.Sql().executeUpdate("insert blackjuly values('" + username + "','" + userpwd + "','" + code + "')");
	out.println("创建成功！");
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
	<title>添加状态</title>
  </head>
  <body>
  </body>
</html>